Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add workflow for OpenSSF Scorecard #862

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add workflow for OpenSSF Scorecard #862

wants to merge 1 commit into from

Conversation

mhucka
Copy link
Member

@mhucka mhucka commented Feb 21, 2025

Scorecard (https://github.com/ossf/scorecard) is an automated tool that assesses a number of important checks associated with software security and assigns each check a score of 0-10. It creates a report at https://scorecard.dev/viewer/?uri=github.com/tensorflow/quantum

@mhucka
Add workflow for OpenSSF Scorecard
c51b004 
Scorecard (https://github.com/ossf/scorecard) is an automated tool
that assesses a number of important checks associated with software
security and assigns each check a score of 0-10. It creates a report
at https://scorecard.dev/viewer/?uri=github.com/tensorflow/quantum
@mhucka mhucka marked this pull request as ready for review February 21, 2025 04:26
@mhucka mhucka enabled auto-merge February 21, 2025 04:26
MichaelBroughton
MichaelBroughton approved these changes Feb 27, 2025
View reviewed changes
Copy link
Collaborator

@MichaelBroughton MichaelBroughton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure security is a huge priority for a library that is so research driven, but this seems simple enough so LGTM.

.github/workflows/ossf-scorecard.yaml
# Scorecard is an automated tool that assesses a number of important heuristics
# associated with software security and assigns each check a score of 0-10. The
# use of Scorecard is suggested in Google's internal GitHub guidance
# (go/github-docs).
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove internal links.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@MichaelBroughton MichaelBroughton

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mhucka @MichaelBroughton